Current and future networking technologies continue to make information transfer easier and more convenient for users. To provide easier or faster information transfer and greater convenience, telecommunication industry service providers are developing improvements to existing networks. For example, the evolved universal mobile telecommunications system (UMTS) terrestrial radio access network (E-UTRAN) is currently being developed. The E-UTRAN telecommunications standard, also known as Long Term Evolution (LTE) or 3.9G, is aimed at upgrading prior technologies by improving efficiency, lowering costs, improving services, making use of new spectrum opportunities, and providing better integration with other open standards.
One advantage of E-UTRAN, shared with the telecommunication standards that preceded it, is that users can access a network employing such standards while remaining mobile. Thus, for example, users having mobile terminals equipped to communicate in accordance with such standards may travel vast distances while maintaining communication with the network. In this regard, it is currently common for an access point or base station providing network coverage for a particular area (or cell) to hand off communication with a particular mobile terminal to a neighboring base station when the user of that mobile terminal exits the coverage area of the base station or can otherwise be more effectively served by the neighboring base station. This process is often referred to as a “handover” or “mobility event.”
One lingering problem with handover in E-UTRAN and other mobile communications networks is the issue of providing a fresh security context to a target system during intersystem mobility. In this regard, during handovers between neighboring base stations, a mobile terminal may traverse multiple telecommunications systems implementing different telecommunication standards. For example, even as some telecommunications systems implement the E-UTRAN standard, other telecommunications systems, and consequently neighboring base stations, may continue to implement legacy telecommunications standards such as, for example, the universal mobile telecommunications system (UMTS) terrestrial radio access network (UTRAN) telecommunications standard and the global system for mobile communications (GSM) enhanced data rates for GSM evolution (EDGE) radio access network (GERAN) telecommunications standard.
For example, a mobile terminal may be handed over from a source radio access point or base station (referred to as an “evolved node-B” or “eNB” in E-UTRAN) to a target radio access point or base station of a target system implementing a legacy telecommunications standard, such as UTRAN or GERAN. The E-UTRAN system may maintain a cached security context for the mobile terminal, from which it generates a mapped security context to provide to the target system. This mapped security context may comprise, for example, a cipher key and an integrity key, calculated from a master key that the source system holds in the cached security context and from which it derives the keys used for communication with the mobile terminal. Because the derivation takes only that master key as input, the mapped security context, and consequently the cipher key and integrity key provided to the target system, is the same on every handover from the E-UTRAN source system to the target system during the life of the master key. If the mobile terminal is handed over back and forth between the source E-UTRAN system and the target system several times while the master key remains in the cached security context, the target system therefore protects each of these sessions with the same cipher key, and the same key stream is applied to different traffic; this is sometimes referred to as “key stream reuse.” An exploitable security vulnerability may result from this key stream reuse: two messages encrypted under the same key stream can be combined so that the key stream cancels, exposing the exclusive-or of the two plaintexts, and knowledge of either plaintext then reveals the other.
Accordingly, it would be desirable to develop a protocol for deriving a mapped security context from a cached security context so as to avoid key stream reuse and consequently to provide more secure communications. It would be further desirable if the protocol did not require any modifications to the target system.
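The following Python script is an added illustration of the key stream reuse described above and of the general remedy the preceding paragraph calls for; it is not code from the original page or from any telecommunications standard. The key derivation (HMAC-SHA-256 over a label), the toy stream cipher, the "master key" bytes and the per-handover counter are all constructed stand-ins chosen so that the example runs with the standard library alone; none of them is the 3GPP derivation. The script derives a mapped cipher key twice from one master key, once with a mapping that depends only on the master key and once with a mapping that also folds in a handover counter held by the source system, encrypts two sample messages with the resulting keys, and checks whether the exclusive-or of the ciphertexts exposes the exclusive-or of the plaintexts.

```python
"""Key stream reuse from a deterministic mapped security context (constructed example).

Not the 3GPP key derivation or any real network code: the KDF, the stream
cipher and all key material below are stand-ins so the script runs offline.
"""
import hashlib
import hmac
from typing import Dict, Tuple

# Constructed "master key" held in the source system's cached security context.
MASTER_KEY = hashlib.sha256(b"constructed master key for illustration").digest()


def kdf(master_key: bytes, label: bytes) -> bytes:
    """Generic HMAC-SHA-256 derivation (assumed stand-in, not the standard's KDF)."""
    return hmac.new(master_key, label, hashlib.sha256).digest()


def map_context_static(master_key: bytes) -> Tuple[bytes, bytes]:
    """Mapped context derived from the master key alone: identical on every handover."""
    out = kdf(master_key, b"mapped-context")
    return out[:16], out[16:]  # (cipher key, integrity key)


def map_context_fresh(master_key: bytes, handover_counter: int) -> Tuple[bytes, bytes]:
    """Mapped context that folds a per-handover counter into the derivation.

    The counter is an assumed freshness input chosen for this example. Only the
    source system needs it; the target still just receives a cipher key and an
    integrity key, so nothing on the target side changes.
    """
    out = kdf(master_key, b"mapped-context" + handover_counter.to_bytes(4, "big"))
    return out[:16], out[16:]


def keystream(cipher_key: bytes, length: int) -> bytes:
    """Toy stream cipher: key stream blocks are HMAC(cipher_key, block index)."""
    out = b""
    block = 0
    while len(out) < length:
        out += hmac.new(cipher_key, block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(cipher_key: bytes, plaintext: bytes) -> bytes:
    return xor(plaintext, keystream(cipher_key, len(plaintext)))


def demonstrate_reuse() -> Dict[str, bool]:
    """Two handovers to the legacy target during the life of one master key.

    With the static mapping both sessions get the same cipher key, so XORing the
    two ciphertexts cancels the key stream and leaves the XOR of the plaintexts
    (the two-time-pad failure). With the fresh mapping the keys differ.
    """
    msg1 = b"balance transfer: 100"  # constructed sample traffic, session 1
    msg2 = b"balance transfer: 999"  # constructed sample traffic, session 2

    ck_a, _ = map_context_static(MASTER_KEY)  # handover 1, E-UTRAN -> legacy
    ck_b, _ = map_context_static(MASTER_KEY)  # handover 2, back to legacy again
    static_leak = xor(encrypt(ck_a, msg1), encrypt(ck_b, msg2))

    ck_c, _ = map_context_fresh(MASTER_KEY, 1)
    ck_d, _ = map_context_fresh(MASTER_KEY, 2)
    fresh_leak = xor(encrypt(ck_c, msg1), encrypt(ck_d, msg2))

    return {
        "static_keys_equal": ck_a == ck_b,
        "static_leaks_plaintext_xor": static_leak == xor(msg1, msg2),
        "fresh_keys_equal": ck_c == ck_d,
        "fresh_leaks_plaintext_xor": fresh_leak == xor(msg1, msg2),
    }


if __name__ == "__main__":
    for name, value in demonstrate_reuse().items():
        print(f"{name}: {value}")
```

The point the script makes is independent of the particular cipher: as long as the mapped cipher key is a pure function of the master key, every handover within that key's lifetime re-issues the same key stream to the target, and any freshness the source system mixes into the derivation must be something the target does not need to know.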